Explore the evolution of memory corruption exploitation in software security from 1988 to the present in this conference talk from the Hack In The Box Security Conference. Trace the development of vulnerability classes, exploitation techniques like Return Oriented Programming (ROP) and return-to-libc, and mitigation strategies implemented by different operating systems. Witness demonstrations of real-world vulnerabilities, including a buffer overflow in GNU Sharutils and an integer overflow in Windows Kernel win32k.sys. Gain insights into the ongoing challenges of mitigating memory corruption threats across various products and operating systems. Learn from experienced security professionals Nafiez and Jaan Yeh as they provide a high-level overview of memory corruption and discuss how exploitation techniques have evolved to bypass multi-stage mitigations.
Overview
Syllabus
#HITBGEC 2018 COMMSEC: Software Security Era: Past, Present, And Future - Nafiez and Jaan Yeh
Taught by
Hack In The Box Security Conference
Related Courses
-
Automatic Generation of ROP Chains
-
Privilege Escalation Using DOP in MacOS
-
The Past, Present & Future of Enterprise Security
-
Nifty Tricks and Sage Advice for Shellcode on Embedded Systems
-
Software Security Analysis - Present and Future Research Initiatives
-
Finding Vulnerabilities in iOS - MacOS Networking Code
